[openssl-users] Get raw RSA public key from X509 certificate

Matt Caswell matt at openssl.org
Fri Apr 27 08:50:39 UTC 2018

On 26/04/18 23:48, Ken Goldman wrote:
> On 04/26/18 16:37, Matt Caswell wrote:
>> On 26/04/18 21:17, Ken Goldman wrote:
>>> I have to get the raw public modulus, but I cannot X509_get_pubkey()
>>> because of a non-standard object identifier.
>>> I can use X509_get_X509_PUBKEY() to get part way there.  I see the DER
>>> wrapped key in the public_key.data element, but I don't know an API to
>>> get to that element.
>> How about X509_PUBKEY_get0_param():
>> https://www.openssl.org/docs/man1.1.0/crypto/X509_PUBKEY_get0_param.html
> Thanks!  That got me halfway there.
> That gives me a DER steam that is a SEQUENCE of two INTEGERs.  The first
> is the public modulus and the second one is the exponent.
> How do I go from that SEQUENCE to the components, and then from the
> components to their byte streams and lengths?
> I assume it's some raw DER function like d2i_something.

How about create a mem-bio backed by the buffer containing the raw data
and then call d2i_RSAPublicKey_bio()?


More information about the openssl-users mailing list